<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<h2> plecost包装说明</h2><p style="text-align: justify;"> WordPress的手指打印机工具，plecost搜索和检索有关安装在系统中的WordPress插件版本的信息。它可以分析一个URL或基于由谷歌索引的结果进行分析。此外显示每个插件有关，如果有CVE代码。 Plecost检索包含在由WordPress支持的Web站点的信息，并且还允许由谷歌索引的结果的搜索。 </p><p>资料来源：https://code.google.com/p/plecost/ <br> <a href="http://code.google.com/p/plecost/" variation="deepblue" target="blank">plecost首页</a> | <a href="http://git.kali.org/gitweb/?p=packages/plecost.git;a=summary" variation="deepblue" target="blank">卡利plecost回购</a> </p><ul><li>作者：弗朗西斯科耶稣戈麦斯，丹尼尔·加西亚·加西亚</li><li>许可：GPLv3的</li></ul><h3>包含在plecost包工具</h3><h5> plecost </h5><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="c4b6ababb084afa5a8ad">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# plecost -h<br>
<br>
////////////////////////////////////////////<br>
// ..................................DMI...<br>
// .............................:MMMM......<br>
// .........................$MMMMM:........<br>
// .........M.....,M,=NMMMMMMMMD...........<br>
// ........MMN...MMMMMMMMMMMM,.............<br>
// .......MMMMMMMMMMMMMMMMM~...............<br>
// .......MMMMMMMMMMMMMMM..................<br>
// ....?MMMMMMMMMMMMMMMN$I.................<br>
// .?.MMMMMMMMMMMMMMMMMMMMMM...............<br>
// .MMMMMMMMMMMMMMN........................<br>
// 7MMMMMMMMMMMMMON$.......................<br>
// ZMMMMMMMMMMMMMMMMMM.......plecost.......<br>
// .:MMMMMMMZ~7MMMMMMMMMO..................<br>
// ....~+:.................................<br>
//<br>
// Plecost - Wordpress finger printer Tool (with threads support) 0.2.2-9-beta<br>
//<br>
// Developed by:<br>
//        Francisco Jesus Gomez aka (<a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="accacadecdc2d6ecc5c2c5ddd9cd82cfc3c1">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>)<br>
//        Daniel Garcia Garcia (<a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="98fcf9f6f1d8f1f6f1e9edf9b6fbf7f5">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>)<br>
//<br>
// Info: http://iniqua.com/labs/<br>
// Bug report: <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="e4948881878b9790a48d8a8d959185ca878b89">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script><br>
<br>
<br>
Usage: /usr/bin/plecost [options] [ URL | [-l num] -G]<br>
<br>
<br>
Google search options:<br>
    -l num    : Limit number of results for each plugin in google.<br>
    -G        : Google search mode<br>
<br>
Options:<br>
    -n        : Number of plugins to use (Default all - more than 7000).<br>
    -c        : Check plugins only with CVE associated.<br>
    -R file   : Reload plugin list. Use -n option to control the size (This take several minutes)<br>
    -o file   : Output file. (Default "output.txt")<br>
    -i file   : Input plugin list. (Need to start the program)<br>
    -s time   : Min sleep time between two probes. Time in seconds. (Default 10)<br>
    -M time   : Max sleep time between two probes. Time in seconds. (Default 20)<br>
    -t num    : Number of threads. (Default 1)<br>
    -h        : Display help. (More info: http://iniqua.com/labs/)<br>
<br>
Examples:<br>
<br>
  * Reload first 5 plugins list:<br>
        plecost -R plugins.txt -n 5<br>
  * Search vulnerable sites for first 5 plugins:<br>
        plecost -n 5 -G -i plugins.txt<br>
  * Search plugins with 20 threads, sleep time between 12 and 30 seconds for www.example.com:<br>
        plecost -i plugin_list.txt -s 12 -M 30 -t 20 -o results.txt www.example.com</code><h3> plecost用法示例</h3><p>使用100 <b><i>插件（-n 100），睡眠</i></b>持续10秒<b><i>探针（-s 10），但</i></b>不超过<b><i>15（-M 15）</i></b>之间，并使用插件列表<b><i>（-i /usr/share/plecost/wp_plugin_list.txt）</i></b>到扫描指定的<b><i>URL（192.168.1.202/wordpress） <i></i></i></b> ： </p><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="addfc2c2d9edc6ccc1c4">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# plecost -n 100 -s 10 -M 15 -i /usr/share/plecost/wp_plugin_list.txt 192.168.1.202/wordpress<br>
[*] Num of checks set to: 100<br>
<br>
-------------------------------------------------<br>
[*] Input plugin list set to: /usr/share/plecost/wp_plugin_list.txt<br>
[*] Min sleep time set to: 10<br>
[*] Max sleep time set to: 15<br>
-------------------------------------------------<br>
<br>
==&gt; Results for: 192.168.1.202/wordpress &lt;==<br>
<br>
[i] Wordpress version found:  3.9.1<br>
[i] Wordpress last public version: 3.9.1<br>
<br>
<br>
[*] Search for installed plugins<br>
<br>
<br>
[i] Plugin found: akismet<br>
    |_Latest version:  2.4.0<br>
    |_ Installed version: 3.0.0<br>
    |_CVE list: <br>
    |___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)<br>
    |___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)<br>
    |___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)<br>
    |___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)<br>
    |___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)<br>
    |___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)</code><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
